Category: Uncategorized

Information Technology Governance costly?

I often hear individuals in an Information Technology (IT) organization complain that the compliance effort, or the implementation of an IT Governance framework to bring compliance and security, “takes too much time” or “stops us from working on our projects.” The reality is that an IT governance framework does not need to take that much time away from current projects and, once the framework is implemented properly, the benefits will be more than worth the cost in the form of more efficient operations, greater cost benefit from IT dollars and fewer costly mistakes. The key is in the proper implementation done by an expert and the ongoing maintenance of the framework supported by an informed staff and management team.

Saying that IT Governance and security (ITGS) takes time is like saying that pit stops cause slow lap times in a NASCAR race. Of course ITGS takes time, just like pit stops in a race, and ITGS has a cost, just like tires on a racecar. But if you want to finish the race it has to be done. The difference is when a racecar runs out of gas or blows a worn tire it stops. There is no finish and there is no more forward motivation. When an organization has a security breach or a failed audit the reaction is often to write lengthy excuses blaming someone or something along with an ambiguous explanation telling how the current problem will be prevented in the future. And, unfortunately, few actual changes are made to the system or processes and the rest of the organization keeps moving, however ineffectively, until the next breach happens or audit fails. And this is where the organization pays the cost in the form of fines, consequence mitigation and damage to reputation.

How can this be allowed to continue? It continues because few people understand the broad scope of ITGS or the benefits of an up-to-date IT Governance framework. Fewer still understand the relationship between business strategy and IT strategy. Most of the individuals, at all levels of staff and management, in an IT organization exist in silos and they have trouble seeing beyond that silo and their own responsibilities or projects. But it does not have to be that way. By incorporating an IT Governance framework into every day operations the cost will be minimal and the benefits will be great. Imagine being able to quantify the risk associated with every system in your organizations IT infrastructure and being able to compare the quantified level of risk to see which system is most vulnerable. Then imagine being able to qualify the level of risk to each system with an intelligent analysis of each system that describes hardware, software, processes and policies involved. Can you see how that kind of up-to-date information could help you make an informed and effective decision on where to spend your next IT dollar? No more guessing and no more costly mistakes.

ISP’s billing by the byte

I have heard a great deal of talk in the last couple of weeks about the effort from Time Warner and other ISP’s to start billing by the byte. It’s not a new idea. Ten years ago the ISP’s and telecom’s were calling this 3rd-generation billing or 3G. Today they are calling it “a ‘consumption-based’ model.” See todays article Time Warner Drops Internet Metering Plan. The communications industry does charge by the byte on some price-plans and has for a long time. Surfing the internet from your Blackberry, sending text messages from you phone, uploading photos and downloading ringtones are examples. These services are often charged by the byte. Check your telephone bill.

This plan has never worked and this is just the latest attempt by the industry to probe the consumer to test their defenses. The average internet user is awfully savvy about how they are being billed and, obviously, have a lot of information at their finger tips. Many of us spend much of our time on the internet while we are making our living. Consumers have been against being charged by the byte for a long time so today’s article on CIO is no surprise.

First update.

For ease of maintenance I have switched to WordPress as my CMS. I’ll be moving content over the next few days. Once everything is moved and up again then I may be able to write a new post or two. As though I have any time. I will at least be able to share something that I am working on from time to time and maybe a link or two that you might find useful.

As always, comments are welcome. (Be polite!) Requests are considered. (Be reasonable!) Help is available. I’ll let you know if I have the answer. If I don’t I probably know who does.